
Capture filter not filtering anything

Hi there, I'm trying to capture traffic between two sets of two endpoints.

Endpoint group 1 capture filter:

ether src 00:10:7f:ae:71:81 or ether dst 00:10:7f:ae:71:81 or ether src 00:10:7f:b0:96:47 or ether dst 00:10:7f:b0:96:47

I run this for about 1 minute and it produces a reasonably sized capture file that doesn't crash Wireshark.

Endpoint group 2 capture filter:

ether src 00:10:7f:aa:b6:f0 or ether dst 00:10:7f:aa:b6:f0 or ether src 00:10:7f:ae:fd:07 or ether dst 00:10:7f:ae:fd:07

Within 10 seconds the capture file is about 15 GB. Wireshark does not handle this and crashes.

In both cases I'm only sending 2 interfaces to the SPAN port. The endpoints are Crestron NVX modules sending a mixture of traffic but mostly UDP multicast.

What I'm not understanding about either capture filter is that I'm still capturing traffic from other devices, even though I've specified that I only want to capture traffic to or from 2 specific devices.
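
One way to check which MAC addresses actually ended up in a capture file without opening it in Wireshark, as an added example that is not part of the original post. It assumes the capture is a classic pcap file (not pcapng) with Ethernet link type; `tally_pcap`, `build_sample` and the `02:00:00:...` addresses are constructed for illustration.

```python
import io
import struct
from collections import Counter

# MAC addresses from the endpoint group 1 capture filter in the question.
GROUP1 = {"00:10:7f:ae:71:81", "00:10:7f:b0:96:47"}
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond
               b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}   # nanosecond

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def tally_pcap(fh, wanted):
    """Return (matching frame count, Counter of (src, dst) pairs with no wanted MAC)."""
    header = fh.read(24)
    endian = PCAP_MAGICS.get(header[:4])
    if endian is None or len(header) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:
        raise ValueError("link type is not Ethernet")
    matched, unexpected = 0, Counter()
    while True:
        rec = fh.read(16)                      # per-record header
        if len(rec) < 16:
            break                              # end of file
        incl_len = struct.unpack(endian + "I", rec[8:12])[0]
        frame = fh.read(incl_len)              # read one frame at a time
        if len(frame) < incl_len:
            break                              # truncated final record
        if len(frame) < 12:
            continue                           # too short to hold both MACs
        dst, src = mac(frame[0:6]), mac(frame[6:12])
        if src in wanted or dst in wanted:
            matched += 1
        else:
            unexpected[(src, dst)] += 1
    return matched, unexpected

def build_sample():
    """Constructed sample: three Ethernet frames in a little-endian pcap."""
    def frame(dst, src):
        return bytes.fromhex((dst + src).replace(":", "")) + b"\x08\x00" + bytes(46)
    frames = [frame("01:00:5e:01:02:03", "00:10:7f:ae:71:81"),   # wanted source
              frame("00:10:7f:b0:96:47", "02:00:00:00:00:01"),   # wanted destination
              frame("01:00:5e:01:02:03", "02:00:00:00:00:02")]   # unrelated device
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return io.BytesIO(out)
```

For a real file, pass `open(path, "rb")` instead of `build_sample()`; a pcapng capture needs converting first, for example with `editcap -F pcap`.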
